Journal of Computer Applications, 2023, Vol. 43, Issue (11): 3375-3384. DOI: 10.11772/j.issn.1001-9081.2022111802
• 2022 National Annual Conference on Open Distributed and Parallel Computing (DPCS 2022) •
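Changgeng LIU1,2,3, Yali LIU1,2,3, Qipeng LU1,2,3, Tao LI1,2,3, Changlu LIN2, Yi ZHU1
Received: 2022-11-04
Revised: 2023-01-06
Accepted: 2023-01-10
Online: 2023-05-08
Published: 2023-11-10
Contact: Yali LIU
About author: LIU Changgeng, born in 1997 in Lianyungang, Jiangsu, male, M. S. candidate, CCF member. His research interests include Radio Frequency Identification (RFID) authentication, Internet of Things security and privacy protection.
Supported by: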
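Abstract:
An attacker can unlock a vehicle illegally by forging the Radio Frequency Identification (RFID) signal sent by the vehicle's remote key fob; moreover, when a key fob is lost or stolen, the attacker can extract the secret information stored inside it and clone a working key fob, which threatens the owner's property and privacy. To address these problems, a Vehicle Remote Keyless Entry (RKE) Two-Factor Authentication (VRTFA) protocol resistant to physical cloning attacks is proposed. The protocol is based on a Physical Unclonable Function (PUF) and biometric fingerprint feature extraction and recovery functions, so that the specific physical hardware structure of a legitimate key fob cannot be forged. In addition, a biometric fingerprint factor is introduced to build a two-factor authentication protocol, which removes the security risk of a stolen key fob being misused and further guarantees secure mutual authentication in the vehicle RKE system. Security analysis of the protocol using BAN logic shows that the VRTFA protocol resists malicious attacks such as forgery, desynchronization, replay, man-in-the-middle, physical cloning and full key leakage attacks, and satisfies security properties such as forward security, mutual authentication, data integrity and untraceability. Performance analysis shows that, compared with existing RFID authentication protocols, the VRTFA protocol offers stronger security and privacy and better practicality.
CLC Number: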
Changgeng LIU, Yali LIU, Qipeng LU, Tao LI, Changlu LIN, Yi ZHU. Vehicle RKE two-factor authentication protocol resistant to physical cloning attack[J]. Journal of Computer Applications, 2023, 43(11): 3375-3384.
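Symbol | Meaning | Symbol | Meaning |
---|---|---|---|
IDS | Key fob pseudonym | PUF( ) | Physical unclonable function |
ID | Key fob identity | h( ) | Hash function |
Bio | User's biometric fingerprint | KT | Key fob authentication key |
Gen( ) | Biometric feature extraction function | KR | Vehicle reader authentication key |
Rep( ) | Biometric feature recovery function | | |
Tab. 1 Description of symbols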
Security property | Ref. [ protocol | Ref. [ protocol | Ref. [ protocol | Ref. [ protocol | VRTFA protocol |
---|---|---|---|---|---|
Data integrity | Yes | Yes | Yes | Yes | Yes |
Forward security | Yes | Yes | Yes | Yes | Yes |
Untraceability | Yes | Yes | Yes | Yes | Yes |
Mutual authentication | Yes | Yes | Yes | Yes | Yes |
Desynchronization attack | Yes | Yes | Yes | Yes | Yes |
Resistance to forgery attack | Yes | Yes | Yes | Yes | Yes |
Resistance to replay attack | Yes | Yes | Yes | Yes | Yes |
Resistance to man-in-the-middle attack | Yes | Yes | Yes | Yes | Yes |
Resistance to physical cloning attack | No | No | Yes | Yes | Yes |
Resistance to full key leakage attack | No | No | No | No | Yes |
Tab. 2 Security comparison and analysis of VRTFA protocol and other RFID authentication protocols
Protocol | Tag computation cost | Server computation cost | Communication overhead | Tag storage overhead | Server storage overhead |
---|---|---|---|---|---|
Ref. [ | 2TC+3TX | 5TC+4TX | 8L | 3L | 7L |
Ref. [ | 2TE+7TH | 10TE+14TH+2TR | 32L | 3L | 10L |
Ref. [ | 1TR+3TP+6TH+3TX | 1TR+1TP+6TH+2TX | 7L | (n+1)*L | 9n*L |
Ref. [ | 1TR+4TP+7TH+4TX | 2TR+7TH+4TX | 13L | (n+1)*L | 6n*L |
VRTFA protocol | 2TP+9TH+7TX | 2TR+28TH+17TX | 13L | 8L | 8L |
Tab. 3 Performance comparison and analysis of VRTFA protocol and other RFID authentication protocols
[1] CHENG J J, CHENG J L, ZHOU M C, et al. Routing in Internet of Vehicles: a review[J]. IEEE Transactions on Intelligent Transportation Systems, 2015, 16(5): 2339-2352. DOI: 10.1109/tits.2015.2423667
[2] HOU W Y, SUN Y, LI D W, et al. Anonymous authentication and key agreement protocol for 5G-V2V based on PUF[J]. Journal of Computer Research and Development, 2021, 58(10): 2265-2277. DOI: 10.7544/issn1000-1239.2021.20210486
[3] SONG T, LI X H, LI H, et al. Overview of research on security encryption authentication technology of IoV in big data era[J]. Computer Science, 2022, 49(4): 340-353. DOI: 10.11896/jsjkx.210400112
[4] WANG C D, LUO W W, MO X L, et al. Survey on mutual trust authentication and secure communication of Internet of Vehicles[J]. Computer Science, 2020, 47(11): 1-9. DOI: 10.11896/jsjkx.200800024
[5] FENG X, SHI Q, XIE Q, et al. P2BA: a privacy-preserving protocol with batch authentication against semi-trusted RSUs in Vehicular Ad hoc Networks[J]. IEEE Transactions on Information Forensics and Security, 2021, 16: 3888-3899. DOI: 10.1109/tifs.2021.3098971
[6] PASCALE F, ADINOLFI E A, COPPOLA S, et al. Cybersecurity in automotive: an intrusion detection system in connected vehicles[J]. Electronics, 2021, 10(15): No.1765. DOI: 10.3390/electronics10151765
[7] LANG D, van der HAAR D. Recommendations for biometric access control system deployment in a vehicle context in South Africa[M]// KIM K J, KIM H Y. Information Science and Applications: ICISA 2019, LNEE 621. Singapore: Springer, 2020: 305-317. DOI: 10.1007/978-981-15-1465-4_32
[8] ALLADI T, KOHLI V, CHAMOLA V, et al. Artificial Intelligence (AI)-empowered intrusion detection architecture for the Internet of Vehicles[J]. IEEE Wireless Communications, 2021, 28(3): 144-149. DOI: 10.1109/mwc.001.2000428
[9] KAFAN. 360 Network Attack and Defense Lab announces that Tesla’s vulnerability can be removed without a key[EB/OL]. [2022-01-21].
[10] LIU X L. Research on OBU-based multilevel security architecture and communication scheme for Internet of Vehicles[D]. Zhenjiang: Jiangsu University, 2018.
[11] ELECFANS. Baidu successfully cracked the T-BOX system and brought Internet of Vehicles security to a new level[EB/OL]. (2016-11-30) [2022-01-21].
[12] TENCENT. Tencent Cohen Lab successfully invaded Tesla remotely for the first time[EB/OL]. (2016-09-20) [2022-01-21].
[13] TESLA OK. Love to see and hear! Tesla Model S was stolen: open the door within 1 minute and steal the vehicle within 3 minutes[EB/OL]. (2019-12-02) [2022-01-21].
[14] LIU Y, YIN X, DONG Y, et al. Lightweight authentication scheme with inverse operation on passive RFID tags[J]. Journal of the Chinese Institute of Engineers, 2019, 42(1): 74-79. DOI: 10.1080/02533839.2018.1537811
[15] LI T, LIU Y L. A double PUF-based RFID authentication protocol[J]. Journal of Computer Research and Development, 2021, 58(8): 1801-1810. DOI: 10.7544/issn1000-1239.2021.20200477
[16] HUANG Q, LING J. Ultra-lightweight mutual authentication protocol for mobile radio frequency identification[J]. Computer Science, 2017, 44(7): 111-115. DOI: 10.11896/j.issn.1002-137X.2017.07.021
[17] LI L L, DONG Q K, CHEN M M. Cloud-based lightweight RFID group tag authentication protocol[J]. Computer Science, 2019, 46(1): 182-189. DOI: 10.11896/j.issn.1002-137X.2019.01.028
[18] WANG Y, FAN K. Ultra-lightweight RFID electronic ticket authentication scheme in IoT[J]. Journal of Computer Research and Development, 2018, 55(7): 1432-1439. DOI: 10.7544/issn1000-1239.2018.20180075
[19] WANG G W, JIA Z P, PENG W P. A mutual authentication protocol of mobile RFID based on dynamic shared-key[J]. Acta Electronica Sinica, 2017, 45(3): 612-618. DOI: 10.3969/j.issn.0372-2112.2017.03.016
[20] GOPE P, LEE J, QUEK T Q S. Lightweight and practical anonymous authentication protocol for RFID systems using physically unclonable functions[J]. IEEE Transactions on Information Forensics and Security, 2018, 13(11): 2831-2843. DOI: 10.1109/tifs.2018.2832849
[21] GOPE P, SIKDAR B. An efficient privacy-preserving authenticated key agreement scheme for edge-assisted internet of drones[J]. IEEE Transactions on Vehicular Technology, 2020, 69(11): 13621-13630. DOI: 10.1109/tvt.2020.3018778
[22] DAS M L. Two-factor user authentication in wireless sensor networks[J]. IEEE Transactions on Wireless Communications, 2009, 8(3): 1086-1090. DOI: 10.1109/twc.2008.080128
[23] WANG D, HE D, WANG P, et al. Anonymous two-factor authentication in distributed systems: certain goals are beyond attainment[J]. IEEE Transactions on Dependable and Secure Computing, 2015, 12(4): 428-442. DOI: 10.1109/tdsc.2014.2355850
[24] LI W T, WANG D, WANG P. Insider attacks against multi-factor authentication protocols for wireless sensor networks[J]. Journal of Software, 2019, 30(8): 2375-2391.
[25] QIU S, WANG D, XU G. Practical and provably secure three-factor authentication protocol based on extended chaotic-maps for mobile lightweight devices[J]. IEEE Transactions on Dependable and Secure Computing, 2022, 19(2): 1338-1351.
[26] CAI Q, ZHAN Y, WANG Y. A minimalist mutual authentication protocol for RFID system & BAN logic analysis[C]// Proceedings of the 2008 ISECS International Colloquium on Computing, Communication, Control, and Management — Volume 2. Piscataway: IEEE, 2008: 449-453. DOI: 10.1109/cccm.2008.305
[27] LIU K, YE J, WANG Y. The security analysis on Otway-Rees protocol based on BAN logic[C]// Proceedings of the 4th International Conference on Computational and Information Sciences. Piscataway: IEEE, 2012: 341-344. DOI: 10.1109/iccis.2012.349
[28] XU H, DING J, LI P, et al. A lightweight RFID mutual authentication protocol based on physical unclonable function[J]. Sensors, 2018, 18(3): No.760. DOI: 10.3390/s18030760
[29] MA C S. Low cost RFID authentication protocol with forward privacy[J]. Chinese Journal of Computers, 2011, 34(8): 1387-1398. DOI: 10.3724/sp.j.1016.2011.01387
[30] YEH K H. A lightweight authentication scheme with user untraceability[J]. Frontiers of Information Technology and Electronic Engineering, 2015, 16(4): 259-271. DOI: 10.1631/fitee.1400232
[31] JAN M A, KHAN F, ALAM M, et al. A payload-based mutual authentication scheme for Internet of Things[J]. Future Generation Computer Systems, 2019, 92: 1028-1039. DOI: 10.1016/j.future.2017.08.035
[32] LIU Y, EZERMAN M F, WANG H. Double verification protocol via secret sharing for low-cost RFID tags[J]. Future Generation Computer Systems, 2019, 90: 118-128. DOI: 10.1016/j.future.2018.07.004
[33] WANG W, CHEN Q, YIN Z, et al. Blockchain and PUF-based lightweight authentication protocol for wireless medical sensor networks[J]. IEEE Internet of Things Journal, 2022, 9(11): 8883-8891. DOI: 10.1109/jiot.2021.3117762
[34] SYAFRILAH Z, PERMANA A A, HANDAYANI A D. Modified RAP-WOTA for preventing man in the middle and replay attacks[C]// Proceedings of the 2019 International Workshop on Big Data and Information Security. Piscataway: IEEE, 2019: 73-78. DOI: 10.1109/iwbis.2019.8935836
[35] BENDAVID Y, BAGHERI N, SAFKHANI M, et al. IoT device security: challenging “a lightweight RFID mutual authentication protocol based on physical unclonable function”[J]. Sensors, 2018, 18(12): No.4444. DOI: 10.3390/s18124444
[36] MENG L, XU H, XIONG H, et al. An efficient certificateless authenticated key exchange protocol resistant to ephemeral key leakage attack for V2V communication in IoV[J]. IEEE Transactions on Vehicular Technology, 2021, 70(11): 11736-11747. DOI: 10.1109/tvt.2021.3113652
[37] CREMERS C J F. The Scyther tool: verification, falsification and analysis of security protocols[C]// Proceedings of the 2008 International Conference on Computer Aided Verification, LNCS 5123. Berlin: Springer, 2008: 414-418.